Tag Archives: WISP

States Legislate Cybersecurity Requirements for Insurance Companies

Following in the footsteps of the New York Department of Financial Regulation (NYDFS) in enacting cybersecurity requirements for the financial services industry, and in response to massive data breaches in the insurance industry, a wave of states have either enacted or are pursuing legislation aimed at regulating the cybersecurity measures of insurance companies. In 2017, … Continue Reading

Do You Have a WISP?

Although the Massachusetts Data Security Regulations went into effect March 1, 2010, I still find that many companies have not implemented a Written Information Security Program (WISP) and don’t know that they are required to do so. According to the regulations, any companies or persons who store or use personal information of a Massachusetts resident … Continue Reading

Ashley Madison Settles with FTC and State AGs for $1.6 Million

We have previously reported on the Ashley Madison data breach and subsequent litigation [view related posts here, here, here, and here]. On December 14th, Ashley Madison announced that it has agreed to pay $1.6 million and implement additional security measures to settle claims brought by the Federal Trade Commission (FTC) and multiple state Attorneys General … Continue Reading
LexBlog